X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=TODO;h=2d5e447edeb162360ff15fbeb94e1a1754d691b3;hp=f32d1097476838ed77cce3b189d0f19169b5e270;hb=7d8d39dc3418b0e709b76f08eb08ab7668239207;hpb=c6f79b178fe27ee315055dccb371b63ca1a6183a

diff --git a/TODO b/TODO
index f32d109..2d5e447 100644
--- a/TODO
+++ b/TODO
@@ -1,22 +1,18 @@
-Makefile.in: autodep stuff
-
 dh.c: change format to binary from decimal string (without introducing
 endianness problems)
 
-ipaddr.c: implement the useful functionality from ipaddr.py
+netlink.c: test the 'allow_route' option properly.
+Add fragmentation code.  Check that we comply with RFC1812.
 
-netlink.c: investigate why 'default' routes don't appear to work
-(reported by JDA).
-Implement the 'allow_route' option properly.
+random.c: test properly
 
-random.c: test
+resolver.c: ought to return a list of addresses for each address; the
+site code ought to remember them and try contacting them in turn.
 
 rsa.c: check padding type, change format to binary from decimal string
 (without introducing endianness problems)
 
-site.c: the site_incoming() routing could be implemented much more
-cleanly using a table. There's still quite a lot of redundancy in this
-file. Abandon key exchanges when a bad packet is received. Modify
+site.c: Abandon key exchanges when a bad packet is received. Modify
 protocol to include version fields, as described in the NOTES
 file. Implement keepalive mode. Make policy about when to initiate key
 exchanges more configurable (how many NAKs / bad reverse-transforms
@@ -24,16 +20,15 @@ does it take to prompt a key exchange?)
 
 slip.c: restart userv-ipif to cope with soft routes? Restart it if it
 fails in use?
-userv-ipif doesn't like the same bit of network to be specified
-twice. Use the new functionality in ipaddr.c once it's done to prevent
-this.
-
-tun.c: jdamery reports tun-old code works on Linux-2.2.
-Unresolved problem with ioctl(TUNSETIFF) sometimes returning EINVAL, seems
-to be related to early 2.4.x (x<=5) series kernels. 2.4.9 and above seem ok;
-2.4.[678] untested.
 
 transform.c: separate the transforms into multiple parts, which can
 then be combined in the configuration file.  Will allow the user to
 plug in different block ciphers, invent an authenticity-only mode,
-etc.
+etc. (similar to udptunnel)
+
+udp.c: option for path-MTU discovery (once fragmentation support is
+implemented in netlink)
+
+
+global:
+consider using liboop for the event loop